如何在智能告警平台CA触发测试告警
939
2022-10-15
纯干货: kubernetes 多Master 二进制方式v1.20.11升级到v1.21.7
升级介绍
针对kubernetes小版本升级,只要更新相关二进制文件就可以了,由于kubernetes版本更新比较快,很多依赖还没解决晚上,所以不建议生产环境使用比较新的版本,升级目标小版本号不建议大于2。
kubernetes版本升级需要考虑到集群当中正在运行的容器收到影响,所以应该对各Node逐个进行驱离和驱逐Node上面的Pod。先更新Master服务,在逐个更新Node上的kubelet和kube-proxy服务。
升级规划
角色 | 组件 | 目前版本 | 升级版本 |
Master | kube-apiserver | v1.20.11 | v1.21.7 |
kube-controller-manager | v1.20.11 | v1.21.7 | |
kube-scheduler | v1.20.11 | v1.21.7 | |
kubelet | v1.20.11 | v1.21.7 | |
kube-prox | v1.20.11 | v1.21.7 | |
Node | kubelet | v1.20.11 | v1.21.7 |
kube-proxy | v1.20.11 | v1.21.7 |
说明:
calico和etcd一般不需要更新。
升级准备
下载地址
wget https://dl.k8s.io/v1.21.7/kubernetes-server-linux-amd64.tar.gz
目前集群版本信息
# kubectl get nodeNAME STATUS ROLES AGE VERSIONtest-k8s-master-227 Ready master 18d v1.20.11test-k8s-master-230 Ready master 17d v1.20.11test-k8s-master-231 Ready master 17d v1.20.11test-k8s-node-228 Ready
开始升级
Master升级(在所有Master节点操作)
备份
mkdir /data/backup/kubernetes -pcp /data/local/kubernetes/bin/{kube-apiserver,kube-controller-manager,kube-scheduler} /data/backup/kubernetes/
停止master(先停止其中一台master,先升级一台,跑个测试服务,观察下是否正常,在升级其他master)
systemctl stop keepalived #可以先停掉keepalived,切走高可用VIP地址systemctl stop kube-apiserversystemctl stop kube-schedulersystemctl stop kube-controller-manager
升级master
tar xf kubernetes-server-linux-amd64.tar.gz/bin/cp kubernetes/server/bin/{kube-apiserver,kube-controller-manager,kube-scheduler} /data/local/kubernetes/bin/
启动keepalive和apiserver,其他组件
$systemctl start kube-apiserver$systemctl start kube-controller-manager && systemctl start kube-scheduler$kubectl get csWarning: v1 ComponentStatus is deprecated in v1.19+NAME STATUS MESSAGE ERRORcontroller-manager Healthy ok scheduler Healthy ok etcd-1 Healthy {"health":"true"} etcd-2 Healthy {"health":"true"} etcd-0 Healthy {"health":"true"} $systemctl start keepalived$kubectl version Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.11", GitCommit:"27522a29febbcc4badac257763044d0d90c11abd", GitTreeState:"clean", BuildDate:"2021-09-15T19:21:44Z", GoVersion:"go1.15.15", Compiler:"gc", Platform:"linux/amd64"}Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.7", GitCommit:"1f86634ff08f37e54e8bfcd86bc90b61c98f84d4", GitTreeState:"clean", BuildDate:"2021-11-17T14:35:38Z", GoVersion:"go1.16.10", Compiler:"gc", Platform:"linux/amd64"}
可以看到服务端组件已经升级成功。
升级另外两台Master
将新版本的报传到230和231
scp kubernetes-server-linux-amd64.tar.gz 192.168.253.230:/data/tools/scp kubernetes-server-linux-amd64.tar.gz 192.168.253.231:/data/tools/
停止230master (231一样的操作)
systemctl stop keepalived #可以先停掉keepalived,切走高可用VIP地址systemctl stop kube-apiserversystemctl stop kube-schedulersystemctl stop kube-controller-manager
升级
$cd /data/tools $tar xf kubernetes-server-linux-amd64.tar.gz $/bin/cp kubernetes/server/bin/{kube-apiserver,kube-controller-manager,kube-scheduler} /data/local/kubernetes/bin/ $systemctl start kube-apiserver $systemctl start kube-controller-manager && systemctl start kube-scheduler $kubectl versionClient Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.11", GitCommit:"27522a29febbcc4badac257763044d0d90c11abd", GitTreeState:"clean", BuildDate:"2021-09-15T19:21:44Z", GoVersion:"go1.15.15", Compiler:"gc", Platform:"linux/amd64"}Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.7", GitCommit:"1f86634ff08f37e54e8bfcd86bc90b61c98f84d4", GitTreeState:"clean", BuildDate:"2021-11-17T14:35:38Z", GoVersion:"go1.16.10", Compiler:"gc", Platform:"linux/amd64"}
Node组件升级
备份(所有node节点,包括master)
mkdir -p /data/backup/kubernetes/cp /data/local/kubernetes/bin/{kube-proxy,kubelet} /data/backup/kubernetes/cp /usr/bin/kubectl /data/backup/kubernetes/
隔离Node,让node变成不可调度的状态
kubectl cordon test-k8s-master-227kubectl get node NAME STATUS ROLES AGE VERSIONtest-k8s-master-227 Ready,SchedulingDisabled master 18d v1.20.11test-k8s-master-230 Ready master 17d v1.20.11test-k8s-master-231 Ready master 17d v1.20.11test-k8s-node-228 Ready
停止(一台一台升级)
systemctl stop kubeletsystemctl stop kube-proxy
升级
cd /data/tools/tar xf kubernetes-server-linux-amd64.tar.gz/bin/cp kubernetes/server/bin/{kubelet,kube-proxy} /data/local/kubernetes/bin//bin/cp kubernetes/server/bin/kubectl /usr/bin/ #升级node 可以不用拷贝kubectl
启动
systemctl daemon-reload && systemctl start kubeletsystemctl start kube-proxysystemctl status kube-proxy● kube-proxy.service - Kubernetes Proxy Loaded: loaded (/usr/lib/systemd/system/kube-proxy.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2021-12-06 14:12:07 CST; 7s ago Main PID: 85281 (kube-proxy)
启动成功,版本也改过来了
kubectl get nodeNAME STATUS ROLES AGE VERSIONtest-k8s-master-227 Ready,SchedulingDisabled master 18d v1.21.7test-k8s-master-230 Ready master 17d v1.20.11test-k8s-master-231 Ready master 17d v1.20.11test-k8s-node-228 Ready
解除隔离
kubectl uncordon test-k8s-master-227
其他节点一样的操作
将包分发到所有节点,其他步骤参考上面走一遍
scp -P 22 kubernetes-server-linux-amd64.tar.gz 192.168.253.228:/data/tools/scp -P 22 kubernetes-server-linux-amd64.tar.gz 192.168.253.229:/data/tools/scp -P 22 kubernetes-server-linux-amd64.tar.gz 192.168.253.230:/data/tools/scp -P 22 kubernetes-server-linux-amd64.tar.gz 192.168.253.231:/data/tools/scp -P 22 kubernetes-server-linux-amd64.tar.gz 192.168.253.233:/data/tools/
一番猛如虎的操作,所有node均已升级完成
kubectl get nodeNAME STATUS ROLES AGE VERSIONtest-k8s-master-227 Ready master 18d v1.21.7test-k8s-master-230 Ready master 17d v1.21.7test-k8s-master-231 Ready master 17d v1.21.7test-k8s-node-228 Ready
测试
$vim test.yaml apiVersion: v1kind: Podmetadata: name: busybox namespace: defaultspec: containers: - name: busybox image: busybox:1.28.3 command: - sleep - "3600" imagePullPolicy: IfNotPresent restartPolicy: Always $kubectl apply -f test.yaml $kubectl get po -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESbusybox 1/1 Running 0 107s 10.244.4.3 test-k8s-node-233
pod 也可以正常启动
至此,二进制版本升级完毕
更多文章请扫一扫
发表评论
暂时没有评论,来抢沙发吧~